Can you provide a link to the site? I'd like to take a look at the source code to get an idea of how bad the infection is. Also, did you run a malware report? I'd need that as well.
Here's my suggestions on how we approach this:
- make sure all plugins & themes are updated to latest secure versions
- Check all files on all directories for any malicious scripts
- Check db for mysql injections
- run follow up scans for any addt'l malicious code.
- Integrate a new security plugin.
- Lock down all directories.
- check server logs for suspcious activity and track IP origins
- change htaccess file to block specific country ip ranges to prevent additional access to your site serverside.
- using htaccess block all access to your usertables & plugin directories
There's a few other things I'd look at as well. I'd be happy to chat further in detail, as I'm stickler about security & have extensive experience in handling these types of issues.
One additional note. Whether you decide to award me the project or not, please do not hire someone that bids $30 to do this for you. There's a decent amount of work involved to make sure the site is completely secure & a $30 job is going to create major headaches for you in the future.
Just a friendly word of caution.
-Eddie